Hi Glenn, The calling gateway should be making the connection. The persistent end just waits for the call. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Glenn Maks [mailto:gmaks@xxxxxxxxx] Sent: Thursday, September 18, 2003 1:31 PM To: [ISAserver.org Discussion List] Subject: [isalist] L2TP Tunnels with Certificates Importance: High http://www.ISAserver.org Here is one for the group, I have established a L2TP Tunnel using Certificates between 2 ISA servers, works great, with one hitch, when the remote ISA server has a need to be rebooted for any reason, that is to say all system services shut down and start back up upon reboot, I see in RRAS on my end that the Tunnel end points can not be automatically reestablished like they should, I have my side set to persistent and defaults on the opposing side, the only way to reestablish connection is re-run this command "secedit refreshpoilicy machine_policy /enforce" after I run this my side automatically reestablishes connection and all is well again .. is there a way to make this permanent?